vale&rug
Posted 23 June 2014

Hi everyone, I have a client who got a cloud server. I set up his machine with 64-bit CentOS, 2 CPUs, 4 GB of RAM, a 100 GB hard disk and the Plesk panel. At the moment only Magento 1.9.0.0 is installed on the server, and it is empty: there are no products, no visits, no transactions... completely clean, fresh after installation. I receive at least 10 emails a day like this one:

The server health parameter "Services > Apache memory usage" has changed its status from "green" to "yellow".

top - 10:14:40 up 1 day, 8:40, 0 users, load average: 0.03, 0.03, 0.00
Tasks: 125 total, 1 running, 124 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.4%us, 0.2%sy, 0.0%ni, 99.1%id, 0.2%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 2956664k total, 1912048k used, 1044616k free, 200872k buffers
Swap: 2064376k total, 0k used, 2064376k free, 672920k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 19232 1564 1264 S 0.0 0.1 0:02.25 init
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
4 root 20 0 0 0 0 S 0.0 0.0 0:00.26 ksoftirqd/0
5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
6 root RT 0 0 0 0 S 0.0 0.0 0:00.30 watchdog/0
7 root 20 0 0 0 0 S 0.0 0.0 1:19.24 events/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cgroup
9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper
10 root 20 0 0 0 0 S 0.0 0.0 0:00.00 netns
11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 async/mgr
12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pm
13 root 20 0 0 0 0 S 0.0 0.0 0:00.66 sync_supers
14 root 20 0 0 0 0 S 0.0 0.0 0:00.76 bdi-default
15 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/0
16 root 20 0 0 0 0 S 0.0 0.0 0:02.61 kblockd/0
17 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpid
18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_notify
19 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_hotplug
20 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_aux
21 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_sff/0
22 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksuspend_usbd
23 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khubd
24 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kseriod
25 root 20 0 0 0 0 S 0.0 0.0 0:00.00 md/0
26 root 20 0 0 0 0 S 0.0 0.0 0:00.00 md_misc/0
27 root 20 0 0 0 0 S 0.0 0.0 0:00.00 linkwatch
28 root 20 0 0 0 0 S 0.0 0.0 0:00.05 khungtaskd
29 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
30 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
31 root 39 19 0 0 0 S 0.0 0.0 0:03.39 khugepaged
32 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/0
33 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/0
38 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthrotld/0
39 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pciehpd
41 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
42 root 20 0 0 0 0 S 0.0 0.0 0:00.00 usbhid_resumer
73 root 20 0 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
76 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cxgb4
78 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cnic_wq
79 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 bnx2i_thread/0
92 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kstriped
149 root 20 0 0 0 0 S 0.0 0.0 0:00.01 scsi_eh_0
150 root 20 0 0 0 0 S 0.0 0.0 0:00.02 scsi_eh_1
157 root 20 0 0 0 0 S 0.0 0.0 0:03.69 mpt_poll_0
158 root 20 0 0 0 0 S 0.0 0.0 0:00.00 mpt/0
159 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_2
295 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdmflush
297 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdmflush
314 root 20 0 0 0 0 S 0.0 0.0 0:06.32 jbd2/dm-0-8
315 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ext4-dio-unwrit
337 root 20 0 0 0 0 S 0.0 0.0 0:09.34 flush-253:0
395 root 16 -4 11044 1072 320 S 0.0 0.0 0:00.67 udevd
612 root 20 0 0 0 0 S 0.0 0.0 0:03.74 vmmemctl
691 root 18 -2 10652 780 344 S 0.0 0.0 0:00.00 udevd
720 root 20 0 0 0 0 S 0.0 0.0 0:00.00 jbd2/sda1-8
721 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ext4-dio-unwrit
772 root 20 0 0 0 0 S 0.0 0.0 0:00.22 kauditd
775 root 20 0 328m 24m 17m S 0.0 0.9 0:03.28 sw-engine
776 root 20 0 117m 2632 1932 S 0.0 0.1 0:06.39 monit
1286 root 16 -4 27640 824 564 S 0.0 0.0 0:01.66 auditd
1313 root 20 0 243m 2200 1012 S 0.0 0.1 0:01.45 rsyslogd
1340 rpc 20 0 18976 892 640 S 0.0 0.0 0:00.25 rpcbind
1358 rpcuser 20 0 23348 1344 896 S 0.0 0.0 0:00.03 rpc.statd
1380 root 20 0 13580 948 768 S 0.0 0.0 0:08.16 lldpad
1415 root 20 0 45368 1472 296 S 0.0 0.0 0:00.00 sw-cp-serverd
1417 sw-cp-se 20 0 46520 4080 1700 S 0.0 0.1 0:03.07 sw-cp-serverd
1428 root 20 0 66608 1232 516 S 0.0 0.0 0:01.18 sshd
1437 root 20 0 22180 992 752 S 0.0 0.0 0:00.01 xinetd
1450 root 20 0 4068 496 400 S 0.0 0.0 0:00.00 courierlogger
1451 root 20 0 30296 1416 1044 S 0.0 0.0 0:00.02 authdaemond
1456 root 20 0 30296 480 108 S 0.0 0.0 0:00.00 authdaemond
1457 root 20 0 30296 480 108 S 0.0 0.0 0:00.00 authdaemond
1458 root 20 0 30296 480 108 S 0.0 0.0 0:00.00 authdaemond
1459 root 20 0 30296 480 108 S 0.0 0.0 0:00.00 authdaemond
1460 root 20 0 30296 480 108 S 0.0 0.0 0:00.00 authdaemond
1464 root 20 0 4068 380 300 S 0.0 0.0 0:00.00 courierlogger
1465 root 20 0 11904 888 752 S 0.0 0.0 0:00.01 couriertcpd
1473 root 20 0 4068 384 300 S 0.0 0.0 0:00.00 courierlogger
1474 root 20 0 11904 892 752 S 0.0 0.0 0:00.01 couriertcpd
1481 root 20 0 4068 384 300 S 0.0 0.0 0:00.00 courierlogger
1482 root 20 0 11904 884 752 S 0.0 0.0 0:00.01 couriertcpd
1490 root 20 0 4068 380 300 S 0.0 0.0 0:00.00 courierlogger
1491 root 20 0 11904 884 752 S 0.0 0.0 0:00.01 couriertcpd
1502 postfix 20 0 392m 1620 1084 S 0.0 0.1 0:03.37 psa-pc-remote
1529 root 20 0 333m 7820 936 S 0.0 0.3 0:00.25 sw-engine-fpm
1565 root 20 0 11304 1472 1220 S 0.0 0.0 0:00.01 mysqld_safe
1670 mysql 20 0 693m 46m 7272 S 0.0 1.6 1:08.61 mysqld
1743 named 20 0 230m 19m 2552 S 0.0 0.7 0:00.17 named
1986 root 20 0 341m 26m 5252 S 0.0 0.9 0:07.96 sw-engine
1995 root 20 0 528m 2892 968 S 0.0 0.1 0:50.02 sw-collectd
2009 root 20 0 114m 1288 644 S 0.0 0.0 0:00.60 crond
2034 root 20 0 4064 576 496 S 0.0 0.0 0:00.00 mingetty
2036 root 20 0 4064 572 496 S 0.0 0.0 0:00.00 mingetty
2038 root 20 0 4064 580 496 S 0.0 0.0 0:00.00 mingetty
2040 root 20 0 4064 576 496 S 0.0 0.0 0:00.00 mingetty
2042 root 20 0 4064 576 496 S 0.0 0.0 0:00.00 mingetty
2044 root 20 0 4064 572 496 S 0.0 0.0 0:00.00 mingetty
17396 root 20 0 58260 2800 2052 S 0.0 0.1 0:08.26 master
17399 postfix 20 0 58504 2912 2160 S 0.0 0.1 0:04.34 qmgr
17402 postfix 20 0 58340 2816 2096 S 0.0 0.1 0:00.01 tlsmgr
17763 root 20 0 329m 20m 9m S 0.0 0.7 0:02.00 httpd
17765 apache 20 0 229m 6280 476 S 0.0 0.2 0:00.84 httpd
17766 apache 20 0 335m 21m 4960 S 0.0 0.8 0:00.34 httpd
17767 apache 20 0 377m 62m 6064 S 0.0 2.2 0:01.02 httpd
17768 apache 20 0 377m 63m 4676 S 0.0 2.2 0:01.61 httpd
17769 apache 20 0 377m 63m 5936 S 0.0 2.2 0:02.29 httpd
17770 apache 20 0 368m 54m 5928 S 0.0 1.9 0:02.71 httpd
17771 apache 20 0 373m 59m 4484 S 0.0 2.1 0:03.94 httpd
17772 apache 20 0 360m 46m 4888 S 0.0 1.6 0:01.34 httpd
17773 apache 20 0 377m 64m 4892 S 0.0 2.2 0:03.70 httpd
17895 apache 20 0 373m 59m 4676 S 0.0 2.1 0:01.91 httpd
17896 apache 20 0 340m 25m 4316 S 0.0 0.9 0:01.10 httpd
17897 apache 20 0 338m 23m 4408 S 0.0 0.8 0:00.33 httpd
17898 apache 20 0 379m 64m 5844 S 0.0 2.2 0:02.13 httpd
17899 apache 20 0 368m 54m 6028 S 0.0 1.9 0:03.05 httpd
17900 apache 20 0 377m 63m 5160 S 0.0 2.2 0:02.67 httpd
17901 apache 20 0 377m 62m 5908 S 0.0 2.2 0:02.38 httpd
17902 apache 20 0 379m 64m 5680 S 0.0 2.2 0:02.61 httpd
24725 apache 20 0 371m 56m 4360 S 0.0 2.0 0:00.76 httpd
24726 apache 20 0 381m 67m 4612 S 0.0 2.3 0:01.17 httpd
24727 apache 20 0 329m 12m 2160 S 0.0 0.4 0:00.00 httpd
25179 postfix 20 0 58340 2708 1996 S 0.0 0.1 0:00.00 pickup
25197 ftpmsiit 20 0 152m 5632 3180 S 0.0 0.2 0:00.10 in.proftpd
25203 root 20 0 15024 1180 880 R 0.0 0.0 0:00.00 top

and also emails like this one:

Please inspect this machine, because it may be infected.
Scan log:
[01:00:08] Running Rootkit Hunter version 1.3.4 on ruggero
[01:00:08]
[01:00:08] Info: Start date is lun 23 giu 2014, 01.00.08, CEST
[01:00:08]
[01:00:08] Checking configuration file and command-line options...
[01:00:08] Info: Detected operating system is 'Linux'
[01:00:08] Info: Uname output is 'Linux ruggero.local 2.6.32-431.17.1.el6.x86_64 #1 SMP Wed May 7 23:32:49 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux'
...............................................................................................................
[01:03:19] System checks summary
[01:03:20] =====================
[01:03:20]
[01:03:20] File properties checks...
[01:03:20] Required commands check failed
[01:03:20] Files checked: 122
[01:03:20] Suspect files: 3
[01:03:20]
[01:03:20] Rootkit checks...
[01:03:20] Rootkits checked : 114
[01:03:20] Possible rootkits: 0
[01:03:20]
[01:03:20] Applications checks...
[01:03:20] Applications checked: 7
[01:03:20] Suspect applications: 1
[01:03:20]
[01:03:20] The system checks took: 2 minutes and 41 seconds

Do you think this is a server configuration problem? Magento? Do you have any idea how, and whether, it can be fixed? Thanks!

iMac 21.5" - 3.20 GHz Intel Core i3 4GB 13333 DDR3 - 1TB HD
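An added example, not part of the original post: a small Python parser for the "System checks summary" block of the Rootkit Hunter log quoted above, which reports the categories that triggered the warning email. The function names are hypothetical; the sample input is the summary section taken from the post.

```python
import re

# Summary section from the scan log in the post (two bare timestamp lines dropped).
SAMPLE_LOG = """\
[01:03:19] System checks summary
[01:03:20] =====================
[01:03:20]
[01:03:20] File properties checks...
[01:03:20] Required commands check failed
[01:03:20] Files checked: 122
[01:03:20] Suspect files: 3
[01:03:20] Rootkit checks...
[01:03:20] Rootkits checked : 114
[01:03:20] Possible rootkits: 0
[01:03:20] Applications checks...
[01:03:20] Applications checked: 7
[01:03:20] Suspect applications: 1
"""

LINE = re.compile(r"^\[\d{2}:\d{2}:\d{2}\]\s*(.*)$")          # "[hh:mm:ss] message"
COUNTER = re.compile(r"^(?P<key>[A-Za-z ]+?)\s*:\s*(?P<val>\d+)$")  # "Name: 123"

def parse_summary(log_text):
    """Return (counters, failed_checks) found after 'System checks summary'."""
    counters, failed, in_summary = {}, [], False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if msg == "System checks summary":
            in_summary = True
        elif in_summary and (c := COUNTER.match(msg)):
            counters[c["key"].lower()] = int(c["val"])
        elif in_summary and msg.endswith("check failed"):
            failed.append(msg)
    return counters, failed

def triage(log_text):
    """List the summary categories that need manual review, rootkit hits first."""
    counters, failed = parse_summary(log_text)
    findings = []
    for key in ("possible rootkits", "suspect files", "suspect applications"):
        if counters.get(key, 0) > 0:
            findings.append(f"{key}: {counters[key]}")
    findings.extend(failed)
    return findings
```

For this log the result contains no rootkit entry: the warning comes from the file-properties and application checks. The entries that name the affected files sit in the part of the log the post elides.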
Archived
This discussion is archived and closed to further replies.